Password management

There are several options to store or cache your password. Password management is done in GPGPreferences. To open GPGPreferences, open your macOS System Preferences or open spotlight and type 'GPGPreferences'. pinentry is the program, which asks for your password.

1. Store passwords for your OpenPGP keys in macOS keychain

When you store a password in macOS keychain, pinentry, the program used to ask for your password, will never again ask for that password. macOS will remember this password and automatically use it when needed. That means you will then no longer see the pinentry dialog querying for your password. The password is protected with your macOS user password. To see any stored OpenPGP passwords in macOS keychain:

  1. open macOS keychain (not GPG Keychain)
  2. enter 'gnupg' in the search field
  3. double click any search result and then 'Show password'

To enable this option, open GPGPreferences and in the password section tick the option to "Store in OS X Keychain". Each pinentry dialog asking for your password also has that option.

2. password caching

GPGPreferences password section also has the option to set a certain time your password can be cached. Enter any amount of seconds for which you want your password to be remembered. Password queries after that time period will again show pinentry asking for your password.

3. Delete stored passwords

The 'Clear' button allows to clear the cache and delete all OpenPGP passwords stored in the macOS keychain.

GPGPreferences_password.jpg

pinentry_save_in_keychain.jpg